参考:
图片和视频防盗链简单介绍
.htaccess详解及.htaccess参数说明

测试实验结果

图片来源站:英树小程序项目

图片:https://yingshu.cohcreate.com/upload/2018/05/18/b4c5afe441de59e6.png

普通http请求(lnmp虚拟主机设置生成)

server
{
    listen 80;
    server_name xx.xx;
    index index.html index.htm index.php;
    root  /xx/xx/xx;

    location ~ [^/]\.php(/|$)
    {
        fastcgi_pass  127.0.0.1:9000;
        fastcgi_index index.php;
        include fastcgi.conf;
        #include pathinfo.conf;
    }

    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
    {
        expires      30d;
    }

    location ~ .*\.(js|css)?$
    {
        expires      12h;
    }
    #include /xx/xx/xx/.htaccess;
    access_log  /xx/xx/xx.log;
    error_log /xx/xx/xx.error.log;

    error_page 404 http://$host$uri?$args;
}

https请求(基于基础版修改,防盗链)

开发微信小程序需将微信服务器地址添加到白名单(微信服务器地址是什么,不知道 ~)

server {
    listen 443 ssl;
    server_name xx.xx;
    root /xx/xx/xx;
    index index.php index.html;
    ssl_certificate   ../cert/xx.pem;
    ssl_certificate_key  ../cert/xx.key;
    ssl_session_timeout 5m;
    ssl_ciphers xx-xx-xx-xx-xx:xx:xx:xx:xx:!NULL:!xx:!xx:!xx:!xx;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;

    location / {
        try_files $uri $uri /index.php$uri;
    }

    location ~ [^/]\.php(/|$) {
        fastcgi_pass  127.0.0.1:9000;
        fastcgi_index index.php;
        include fastcgi.conf;
        #include pathinfo.conf;
        fastcgi_param HTTPS $https if_not_empty;
        include fastcgi_params;
    }

    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
        expires      10d;
        valid_referers none blocked *.ttlsa.com server_names ~\.google\.com ~\.baidu\.com;
        if ($invalid_referer) {
                return 403;
                #rewrite ^/ http://www.ttlsa.com/403.jpg;
        }
    }

    location ~ .*\.(js|css)?$ {
        expires      12h;
    }
    access_log  /xx/xx/xx.log;
}

valid_referers 参数说明

none:没有来源地址,即浏览器直接打开,由于是https的请求,得加上
blocked:服务器防火墙白名单地址
*:自定义白名单地址(空格隔开多个)

错误 | 方案

错误1: [emerg] unknown directive " " in xx/xx/nginx.conf
方案:去除出错行行前的空格,用tab代替

盗链展示:
英树